Hawke's Bay Twitter users appear to have been caught up in a worldwide hack of the popular social networking site which resulted in retweets and direct messages being sent when they moved the mouse or without users doing anything.
Some users overseas report watching their account automatically retweet messages and send direct messages when they simply moved the mouse across the screen. Sometimes the retweets occurred when users did nothing.
Reports say tens of thousands if not hundreds of thousands of Twitter accounts were affected, with many of the hacker tweets directing users to the Rick Astley "Never going to give you up" music video. Hackers over the years have redirected unsuspecting Internet users to this video as an ongoing "joke."
In Hawke's Bay, at least one Twitter user followed by Hawke's Bay Today reported its account had been hacked yesterday afternoon.
"Apologies again if you got DM (direct message) spam from me. My account was hacked. Grrrrr," the Hawke's Bay user said in a posting.
The direct message urged the recipient to "try out the Twitter personality test" by clicking on a link in the message. Hawke's Bay Today did not click on the link. Twitter users who received the message are advised not to click on the link.
Twitter said the security problem was caused by cross-site scripting (XSS). Cross-site scripting is the practice of placing code from an untrusted website into another one. In this case, users submitted JavaScript code as plain text into a Tweet, and that code could then be executed in the browser of another user.
"We discovered and patched this issue last month. However, a recent site update (unrelated to new Twitter) unknowingly resurfaced it.
"Early this morning, a user noticed the security hole and took advantage of it on Twitter.com. First, someone created an account that exploited the issue by turning tweets different colors and causing a pop-up box with text to appear when someone hovered over the link in the Tweet. This is why folks are referring to this as an "onMouseOver" flaw -- the exploit occurred when someone moused over a link," said Twitter.
Twitter said other users took this one step further and added code that caused people to retweet the original Tweet without their knowledge.
"This exploit affected Twitter.com and did not impact our mobile web site or our mobile applications. The vast majority of exploits related to this incident fell under the prank or promotional categories.
"Users may still see strange retweets in their timelines caused by the exploit. However, we are not aware of any issues related to it that would cause harm to computers or their accounts. And, there is no need to change passwords because user account information was not compromised through this exploit," said Twitter.
"This issue is now resolved. We apologize to those who may have encountered it," Twitter said.
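The class of flaw Twitter describes, shown as an added example that is not from the article or from Twitter's code: a hypothetical renderer that turns a URL in a tweet into a link, first by plain string concatenation and then with output encoding. The function names and the sample URL are constructed for illustration.

```javascript
// Added illustration: a hypothetical tweet-link renderer, not Twitter's code.

// Vulnerable: untrusted text is concatenated straight into an attribute value,
// so a double quote in the input ends href and starts a new attribute.
function renderLinkUnsafe(url) {
  return '<a href="' + url + '">' + url + '</a>';
}

// Encode the characters that can close a text node or a quoted attribute.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ENTITIES[c]);
}

// Hardened: link only http(s) URLs, and encode the value for both places it
// is written (attribute and link text). Anything else is shown as inert text.
function renderLinkSafe(url) {
  const encoded = escapeHtml(url);
  if (!/^https?:\/\//i.test(url)) return encoded;
  return '<a href="' + encoded + '">' + encoded + '</a>';
}

// Check helper: attribute names a browser would see on the first tag.
function attributeNames(html) {
  const end = html.indexOf('>');
  const tag = html.startsWith('<') && end !== -1 ? html.slice(0, end + 1) : '';
  return [...tag.matchAll(/([a-zA-Z-]+)\s*=\s*"[^"]*"/g)].map((m) => m[1].toLowerCase());
}

// Constructed input: a URL carrying a quote followed by an event handler.
const SAMPLE = 'http://example.test/"onmouseover="alert(1)';

console.log(attributeNames(renderLinkUnsafe(SAMPLE))); // [ 'href', 'onmouseover' ]
console.log(attributeNames(renderLinkSafe(SAMPLE)));   // [ 'href' ]
console.log(renderLinkSafe(SAMPLE));
```

With encoding applied at the point of output, the quote arrives in the page as `&quot;` and the whole string stays inside the `href` value, so no mouse-over handler is ever attached.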
You can follow Hawke's Bay Today on Twitter at http://twitter.com/hawkesbaytoday